""ET TROJAN Dropper.Win32.Agent.bpxo Checkin""
SID: 2012894
Revision: 4
Class Type: trojan-activity
Metadata: created_at 2011_05_31, updated_at 2011_08_02
Reference:
Protocol: tcp
Source Network: $HOME_NET
Source Port: any
Destination Network: $EXTERNAL_NET
Destination Port: 1024:
Flow: established,to_server
Contents:
- Value: "|71 4E 6C 39 34 65 66 59 41 7A 32 32 37 4F 71 45 44 4D 50 0A|" Depth: 20
Within:
PCRE:
Special Options: